diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2023-10-11 22:22:40 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2023-10-12 13:30:43 +0200 |
commit | 8587721dc4abbac61cc5d495edc3a90b9f1ee772 (patch) | |
tree | 101d8fe30a1ce0ca3f31c7c15e4b6be7fae7ec82 /patches/source/libcaca/libcaca-0.99.beta20-CVE-2022-0856.patch | |
parent | 3923d6b15dedd0eef9a6374a0c7e233d6b3efae6 (diff) | |
download | current-8587721dc4abbac61cc5d495edc3a90b9f1ee772.tar.gz current-8587721dc4abbac61cc5d495edc3a90b9f1ee772.tar.xz |
Wed Oct 11 22:22:40 UTC 202320231011222240_15.0
patches/packages/libcaca-0.99.beta20-x86_64-1_slack15.0.txz: Upgraded.
Fixed a crash bug (a crafted file defining width of zero leads to divide by
zero and a crash). Seems to be merely a bug rather than a security issue, but
I'd been meaning to get beta20 building so this was a good excuse.
Thanks to marav.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-0856
(* Security fix *)
Diffstat (limited to 'patches/source/libcaca/libcaca-0.99.beta20-CVE-2022-0856.patch')
-rw-r--r-- | patches/source/libcaca/libcaca-0.99.beta20-CVE-2022-0856.patch | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/patches/source/libcaca/libcaca-0.99.beta20-CVE-2022-0856.patch b/patches/source/libcaca/libcaca-0.99.beta20-CVE-2022-0856.patch new file mode 100644 index 000000000..092af0643 --- /dev/null +++ b/patches/source/libcaca/libcaca-0.99.beta20-CVE-2022-0856.patch @@ -0,0 +1,38 @@ +From d33a9ca2b7e9f32483c1aee4c3944c56206d456b Mon Sep 17 00:00:00 2001 +From: Josef Moellers <jmoellers@suse.de> +Date: Fri, 18 Mar 2022 11:52:22 +0100 +Subject: [PATCH] Prevent a divide-by-zero by checking for a zero width or + height. + +--- + src/img2txt.c | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/src/img2txt.c b/src/img2txt.c +index b8a25899..b9d5ba24 100644 +--- a/src/img2txt.c ++++ b/src/img2txt.c +@@ -177,7 +177,13 @@ int main(int argc, char **argv) + } + + /* Assume a 6×10 font */ +- if(!cols && !lines) ++ if(!i->w || !i->h) ++ { ++ fprintf(stderr, "%s: image size is 0\n", argv[0]); ++ lines = 0; ++ cols = 0; ++ } ++ else if(!cols && !lines) + { + cols = 60; + lines = cols * i->h * font_width / i->w / font_height; +@@ -214,7 +220,7 @@ int main(int argc, char **argv) + export = caca_export_canvas_to_memory(cv, format?format:"ansi", &len); + if(!export) + { +- fprintf(stderr, "%s: Can't export to format '%s'\n", argv[0], format); ++ fprintf(stderr, "%s: Can't export to format '%s'\n", argv[0], format?format:"ansi"); + } + else + { |